Upon changing from a default of allAccess for Javascript in policy to a more secure default of noAccess, I found that some functions which come with KM would no longer work. Everything that depends on the "injectjs()" statement would only work for sites in my list of Javascript approved sites in Policy Manager. The first function that for which I noticed a problem was zoom an image.
Since I like the new saftey of no javascript for just surfing around, I decided to try to have both methods in Policy Manager. I have just completed a macro which allows me to toggle my default in Policy Manager and to have site lists for both approved and disapproved for Javascript.
Before I go any further, I must advise you to back up to a secure place the file named "prefs.js" in your profile if you intend to try this idea.
You will need an image for the new button which will be created. That can be found at
http://www.perigee.net/~jmd8421r/Flip_PM.bmp. Save this file as "Flip_PM.bmp" in the Default folder under skins. You will have a green flag if your default policy is no access for Javascript. You will have a red flag if your default policy is all access for Javascript.
Since I had previously had a list of sites for no access when my default policy was all access, I decided to keep that and use it along with my current list for all access when the default is no access. This is something that I wanted for myself and is not required to make Flip_PM.kmm work. I will give instructions on doing this part below the macro listing.
Flip_PM.kmm
# K-Meleon Macros (http://kmeleon.sourceforge.net/wiki/index.php?id=MacroLanguage)
#
# ---------- Flip_PM.kmm
# ---------- Change the default for JavaScript within Policy Manager
#
# Dependencies : main.kmm
# Resources : panorama image Flip_PM.bmp in SKINS\DEFAULT
# : may also have policy lists for allAccess and noAccess
# Preferences : -
# Version : 0.4 12/02/09
# --------------------------------------------------------------------------------
_Flip_PM_RunCode {
$_FPM_ToolbarName = "Flip_PM" ;
$_FPM_BSize = "16" ;
$_FPM_LastItem = "" ;
$_FPM_AddBarTag = $_FPM_ToolbarName .",". $_FPM_BSize .",". $_FPM_BSize .",". $_FPM_LastItem ;
pluginmsg(toolbars, "AddToolbar", $_FPM_AddBarTag);
$_FPM_ButtonName = "FlipJS" ;
$_FPM_Command = "macros(Flip_PM_Toggle)" ;
$_FPM_MenuName = "" ;
$_FPM_tipText = "Flip Policy Manager JavaScript on/off";
$_FPM_ImageHot = "Flip_PM.bmp[2]" ;
$_FPM_ImageCold = "Flip_PM.bmp[1]" ;
$_FPM_ImageDead = "Flip_PM.bmp[3]" ;
$_FPM_AddButtonTag = $_FPM_ToolbarName.",".$_FPM_ButtonName.",".$_FPM_Command.",".$_FPM_MenuName.",".$_FPM_tipText.",".$_FPM_BSize.",".$_FPM_BSize.",".$_FPM_ImageHot.",".$_FPM_ImageCold.",".$_FPM_ImageDead.",".$_FPM_LastItem ;
pluginmsg(toolbars, "AddButton", $_FPM_AddButtonTag);
## --- SYNC BUTTON TO PREF FOR DEFAULT JS --- ##
$_FPM_ImageType = "COLD" ;
$_FPM_Current = getpref( STRING, "capability.policy.default.javascript.enabled");
if ($_FPM_Current == "allAccess" ) {
## 1 equals green - 0 equals red
$_FPM_ImageCold = "Flip_PM.bmp[0]"; } else {
$_FPM_ImageCold = "Flip_PM.bmp[1]" ;
}
$_FPM_SyncButtonTag = $_FPM_ToolbarName.",".$_FPM_Command.",".$_FPM_ImageType.",".$_FPM_ImageCold ;
pluginmsg(toolbars, "SetButtonImage", $_FPM_SyncButtonTag);
}
Flip_PM_Toggle {
togglepref( STRING, "capability.policy.default.javascript.enabled", "noAccess", "allAccess");
$_FPM_ImageType = "COLD" ;
$_FPM_Current = getpref( STRING, "capability.policy.default.javascript.enabled");
if ($_FPM_Current == "allAccess" ) {
## 1 equals green - 0 equals red
$_FPM_ImageCold = "Flip_PM.bmp[0]"; } else {
$_FPM_ImageCold = "Flip_PM.bmp[1]" ;
}
$_FPM_ToggleButtonTag = $_FPM_ToolbarName.",".$_FPM_Command.",".$_FPM_ImageType.",".$_FPM_ImageCold ;
pluginmsg(toolbars, "SetButtonImage", $_FPM_ToggleButtonTag);
}
$OnSetup=$OnSetup."_Flip_PM_RunCode;";
$macroModules=$macroModules."Flip_PM;";
== end of Flip_PM.kmm
The following were my original prefs about Policy Manager.
user_pref("capability.policy.Known%20JS%20pops.__permission__.cookie", -1);
user_pref("capability.policy.Known%20JS%20pops.__permission__.image", -1);
user_pref("capability.policy.Known%20JS%20pops.__permission__.install", -1);
user_pref("capability.policy.Known%20JS%20pops.__permission__.popup", -1);
user_pref("capability.policy.Known%20JS%20pops.javascript.enabled", "noAccess");
user_pref("capability.policy.Known%20JS%20pops.sites", < long list of sites > );
user_pref("capability.policy.policynames", "Known%20JS%20pops Test%20case test");
This was the current prefs for Policy Manager. As you can see this one has a default javascript.enabled value of "noAccess".
user_pref("capability.policy.Require%20JavaScript.__permission__.cookie", 1);
user_pref("capability.policy.Require%20JavaScript.__permission__.image", 0);
user_pref("capability.policy.Require%20JavaScript.__permission__.install", 0);
user_pref("capability.policy.Require%20JavaScript.__permission__.popup", 0);
user_pref("capability.policy.Require%20JavaScript.javascript.enabled", "allAccess");
user_pref("capability.policy.Require%20JavaScript.sites", < long list of sites > );
user_pref("capability.policy.default.javascript.enabled", "noAccess");
user_pref("capability.policy.policynames", "Test%20case test Require%20JavaScript");
With KM stopped, I copied the original prefs into the "prefs.js" file and combined the user_pref("capability.policy.policynames" data to reflect both policies.
user_pref("capability.policy.policynames", "Test%20case test Require%20JavaScript Known%20JS%20pops");
I deleted the extra policynames line which did not contain both policies.